CVE-2023-6791 PAN-OS: Plaintext Disclosure of External System Integration Credentials
A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface.
Versions | Affected | Unaffected |
---|---|---|
Cloud NGFW | None | All |
PAN-OS 11.1 | None | All |
PAN-OS 11.0 | < 11.0.1 | >= 11.0.1 |
PAN-OS 10.2 | < 10.2.4 | >= 10.2.4 |
PAN-OS 10.1 | < 10.1.9 | >= 10.1.9 |
PAN-OS 10.0 | < 10.0.12 | >= 10.0.12 |
PAN-OS 9.1 | < 9.1.16 | >= 9.1.16 |
PAN-OS 9.0 | < 9.0.17 | >= 9.0.17 |
PAN-OS 8.1 | < 8.1.24-h4 | >= 8.1.24-h4 |
Prisma Access | None | All |
CVSSv4.0 Base Score: 5.1 (CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:L/U:Green)
Palo Alto Networks is not aware of any malicious exploitation of this issue.
CWE-701: Weakness Introduced During Design
This issue is fixed in PAN-OS 8.1.24-h4, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.
You should issue new credentials for the impacted external integrations after you upgrade your PAN-OS software to a fixed version to prevent the misuse of previously exposed credentials.
This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.